I was not able to find a definite answer to the question whether it is safe to disable spectre and meltdown vulnerabilities but i could articles that suggests the defaults might be revisited & windows seems to allow the disabling of these.
Does anyone know if it has been established clearly, the type of servers which are allowed to turn it off? e.g servers which are not running on shared infrastructure or servers which do not allow user code execution
Like many other mitigations the fixes for Spectre and Meltdown address problems with running not fully trustable code. If these fixes are not applied than such code might bypass the normal restrictions to gain information information about the memory content of other processes or the OS kernel.
If definitely all code running on the system can be fully trusted then these mitigations are not needed. But note that even code from a trusted code or code you've written yourself might not be "fully trustable". There might still be unexpected code flows, especially if external input (user input, sensors ...) is processed. But the more one is in control of the code and it's behavior, the more one can control this risk and there might be a case where the risks of the code it sufficiently low to switch off mitigations against Meltdown and Spectre.
There might also be cases where not fully trustable code is run, but where an exploited information leak does not cause relevant harm. This might be the case where no important data are stored on the system in the first place or where there is no way to misuse gained information. For example if the system cannot make any connections to the outside world due to external protections (like firewalls) then the risk is low (but not zero) that captured secrets from the machine can be send to the outside attacker.
